Bentley, Peter ORCID: https://orcid.org/0000-0002-6438-0028
(2025)
Analysis of Windows’ Registry Key Value to Look for Malware Using AI Generated Code.
Discussion Paper.
University of Gloucestershire, University of Gloucestershire.
(Unpublished)
15373 Bentley, P (2025) Analysis of Windows’ Registry Key Value to Look for Malware Using AI Generated Code.pdf - Accepted Version. Available under License All Rights Reserved.
Abstract
Advanced Persistent Threats are known to place some of their malware in the Windows registry. This is known as fileless malware. Long Registry key values could indicate the existence of such malware, as could differences in Registry keys from a reference set of Registry keys. This paper reviews the length of Registry key values, as well as looking for new Registry keys, and uses the results to highlight possible malware. This analysis is supported by a bespoke program of AI-generated C code. Although no malware was found, it is believed that the technique is inexpensive and robust enough for purpose.
Item Type: | Monograph (Discussion Paper) |
---|---|
Uncontrolled Keywords: | Microsoft Windows; Encrypt; Decrypt; Encode; Decode; Compression; Advanced Persistent Threat (APT); Windows; Registry Key; Malware; Fileless malware; Indicator of Compromise; Artificial Intelligence; AI |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science; Q Science > QA Mathematics > QA76 Computer software > QA76.76 Computer software topics A-Z |
Divisions: | Schools and Research Institutes > School of Business, Computing and Social Sciences |
Depositing User: | Peter Bentley |
Date Deposited: | 02 Oct 2025 10:35 |
Last Modified: | 02 Oct 2025 10:35 |
URI: | https://eprints.glos.ac.uk/id/eprint/15373 |